Watch out! Facebook hijacking malware is spreading

By Francis Navarro, Komando.com

Cybercriminals are cunning social engineers. They love exploiting our connections, relationships and our innate trust in others. They also know that when we see our circle of friends or relatives "like" or "share" something on social media, we tend to factor in their opinions, and oftentimes we are influenced by their actions too, unconsciously or otherwise.

This also works with general Facebook posts. When we see a post that has thousands of "likes" and "shares," it's so easy to "follow the herd" and assume that it is legitimately popular, hence authentic and vetted.

This is why Facebook like-farming is such a big business right now, and it's still a growing industry simply because it's profitable.

Faceliker malware

According to security researchers from McAfee Labs, a type of malware that takes over Facebook accounts to spread "likes" is on the rise and it's spreading fast.

Dubbed "Faceliker," this trojan is spread via web browser redirections to poisoned websites loaded with the malware. It accounts for 9 percent of the 52 million new malware samples detected within the first and second quarters of 2017.

According to McAfee Labs, the program doesn't perform additional tasks such as stealing user passwords or spreading additional malware on Facebook. Its sole purpose is simply to generate "likes" for specific posts.

"It hijacks Facebook account clicks in such a way that users think they are liking one thing, but the malware is redirecting the click," McAfee Labs stated in an official blog post. "It acts on their behalf to click another 'like' button without their knowledge."

Similar to like-farming scams, cybercrooks can then sell this like-padding service to Facebook Pages that want to inflate their numbers.

This is troubling in this era of fake news since any post, news article or video can then be made to appear to be more popular or accepted than it actually is. Ultimately, this can be used to spread misinformation and influence opinions within Facebook.

"Faceliker leverages and manipulates the social media and app-based communications we increasingly use today," McAfee Labs Vice President Vincent Weafer said. "By making apps or news articles appear more popular, accepted, and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth."

Now, before we all bring our pitchforks and blame Facebook for this rising malware, McAfee Labs stresses that "Faceliker is not the fault of Facebook. Rather, it is something users bring to Facebook."

How to protect yourself against Faceliker

To protect yourself against malware in general, be extra vigilant when downloading or installing software or clicking links. The common ways to get infected are poisoned websites, links and attachments, drive-by downloads, and trojan software.

It is also essential to keep your operating systems and applications up-to-date and secure with the latest security patches to close potential security holes that hackers could take advantage of.

Moreover, since this is essentially about Facebook like-farming and fake news, be wary of liking and sharing Facebook posts, pages and contests. Always approach each one with a critical mind and never let your guard down. The fight against fake and misleading Facebook posts starts with us.

How to avoid like-farming scams

There are many scams on Facebook and most of them can be used for like-farming. A popular one, for example, is a post that asks you to like or share so you can win something. There have been several recently claiming to be from a travel agency, offering a free trip to one lucky person who likes and shares the post.

You will also frequently see posts that are allegedly from someone who recently won a large sum of money from a lottery. If you like and share the post, you could get a share of the winnings.

It isn't just posts either; it can also be pages. A scammer might set up a page for "I love kittens" or what appears to be a worthy company or organization.

Just enough content is posted to get a ton of likes, then the scammer switches the content for spam and/or malicious links that could infect your gadget. Once you've liked the page, everything new the cybercriminal puts up goes on your News Feed, and in some cases, your friends' feeds as well.

Follow these tips to help you avoid Facebook like-farming scams:

Your best bet is to be very judicious about what you like and share on Facebook. Don't just reflexively click "like" on everything.

Take a look at where the post is coming from. If it's from someone you don't recognize, it could be a friend of a friend or it could be a complete stranger. It would be good to find out.

Notice the content and whether it promises anything for liking or sharing. If it does, it's a good clue that it's a scam of some kind. The same goes if you feel pushed or pressured into clicking like or share.